package com.exampl;

import junit.framework.Assert;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * <p>
 *  Shiro 身份认证
 * </p>
 *
 * @author 12071
 * @date 2022/7/19 11:25
 */

public class ShiroAuthenticator {
    public static void main(String[] args) {
        //1、获取SecurityManager工厂，此处使用Ini配置文件初始化SecurityManager
        Factory<SecurityManager> factory
                = new IniSecurityManagerFactory("classpath:shiro.ini");

        //2、得到SecurityManager实例 并绑定给SecurityUtils
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);

        // 3、得到当前执行的Subject
        Subject currentSubject = SecurityUtils.getSubject();

        Session session = currentSubject.getSession();
        session.setAttribute("someKey", "aValue"); // 配置session传递属性

        String value = (String)session.getAttribute("someKey");
        if(value.equals("aValue")){
            System.out.println("Retrieved the correct value! [" + value + "]");
        }
        if(!currentSubject.isAuthenticated()){
            UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
            token.setRememberMe(true);
            // no user
            UsernamePasswordToken token1 = new UsernamePasswordToken("abc", "vespa");
            // wrong password
            UsernamePasswordToken token2 = new UsernamePasswordToken("lonestarr", "abc");

            tryLogin(token);
        }

        //
        System.out.println("User [" + currentSubject.getPrincipal() + "] logged in successfully.");


        // 查看用户角色
        if (currentSubject.hasRole("schwartz")) {
            System.out.println("May the Schwartz be with you!");
        } else {
            System.out.println("Hello, mere mortal.");
        }

        // 查看权限
        if (currentSubject.isPermitted("lightsaber:wield")) {
            System.out.println("You may use a lightsaber ring.  Use it wisely.");
        } else {
            System.out.println("Sorry, lightsaber rings are for schwartz masters only.");
        }

        //a (very powerful) Instance Level permission:
        if (currentSubject.isPermitted("winnebago:drive:eagle5")) {
            System.out.println("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'.  " +
                    "Here are the keys - have fun!");
        } else {
            System.out.println("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
        }

        //all done - log out!
        currentSubject.logout();

        System.exit(0);
    }


    public static void tryLogin(HostAuthenticationToken token){
        Subject currentSubject = SecurityUtils.getSubject();
        try{
            currentSubject.login(token);
        }catch (UnknownAccountException uae) {
            System.out.println("There is no user with username of " + token.getPrincipal());
        } catch (IncorrectCredentialsException ice) {
            System.out.println("Password for account " + token.getPrincipal() + " was incorrect!");
        } catch (LockedAccountException lae) {
            System.out.println("The account for username " + token.getPrincipal() + " is locked.  \n" +
                    "Please contact your administrator to unlock it.");
        }
        System.out.println(token.getPrincipal() + " log success");
    }
}
